Grand Blog: Unauthorized Actions through Malicious Links

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Grand Blog: Unauthorized Actions through Malicious Links

CVE-2026-39632

Summary

A security weakness in Grand Blog software makes it possible for attackers to trick users into performing unintended actions on the site. This could happen if a user clicks on a malicious link or opens a malicious email. To protect yourself, update to the latest version of Grand Blog.

Original title

Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Blog grandblog allows Cross Site Request Forgery.This issue affects Grand Blog: from n/a through <= 3.1.

Original description

Cross-Site Request Forgery (CSRF) vulnerability in ThemeGoods Grand Blog grandblog allows Cross Site Request Forgery.This issue affects Grand Blog: from n/a through <= 3.1.

Vulnerability type

CWE-352 Cross-Site Request Forgery (CSRF)

https://patchstack.com/database/Wordpress/Theme/grandblog/vulnerability/wordpres...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026